I’m dumb when it comes to some of this routing stuff and I can’t find instructions, that are detailed enough for me, to figure this out.
I have Nginx configured on my machine, here is the config
hsts: max-age=31536000; includeSubDomains
I can get to my machine externally using https://mydomain.duckdns.org:8123 or https://mydomain.duckdns.org:443 (reroutes to https://mydomain.duckdns.org:8123). I’m looking for the configuration that allows me to drop the port number at the end of the URL.Can anyone help me with this?
Maybe try the NGINX Proxy Manager Addon, it provides a simple GUI for configuration.
443 is the standard port for https so you can omit it.
The proxy shouldn’t route to https://mydomain.duckdns.org:8123/ but [your local ip]:8123
What do you have under the
config in the Home Assistant configuration.yaml file?
Here’s my config.
# Secrets are defined in the file secrets.yaml
# Uncomment this if you are using SSL/TLS, running in Docker container, etc.
Ok, let’s start there, you either have SSL in the Home Assistant configuration.yaml OR Nginx. Don’t have it in both. Comment out the SSL bits in Home Assistant configuration, validate config and then restart. By default Home Assistant should run on port 8123 with no SSL, the Nginx add on will then proxy all requests arriving at port 443 through to Home Assistant on port 8123.
Your http config however needs a few things added to be able to actually accept requests from Nginx:
This is my ENTIRE http config section:
I commented out the SSL info in the config but then I couldn’t access HA from WAN at all. I could only login on LAN via http://192.168.1.111:8123. I even had to add the “http” to get it to work
Have you verified that your router is actually setup to port forward connection requests coming to port 443 through to the Home Assistant local IP address on port 443?
Yes that is how my config works, I can access Home Assistant locally using port 8123 but via http, or I can access it via the full domain name (both internally and externally) using https on port 443 (which I don’t need to add to the URL)
Please remember that you DO actually need this -
Without the trusted proxies, then Home Assistant will reject requests from Nginx. The address 172.30.33.0/24 is correct for Home Assistant supervised installs and the Home Assistant OS. But if you have installed Home Assistant in a different way, then the IP address might be different, so please ensure that the IP address you use is correct. The Home Assistant log will tell you the IP address of requests that were rejected because they weren’t listed as a trusted proxy.